“The management alert bulletin, issued Jan. 13 by HUD’s Office of Inspector General, warns that “HUD is unable to identify, categorize, and adequately secure all of its electronic and paper records that contain personally identifiable information.”
“The Department of Housing and Urban Development is failing to safeguard and manage more than 1 billion records containing personally identifiable information, according to a management alert from the agency’s internal watchdog.
An accompanying memorandum, circulated to HUD officials in December, points to several risk factors. HUD maintains legacy systems that lack basic electronic transaction processing capabilities, which in turn leads to a reliance on paper processing. A survey of HUD officials found that many in the agency are concerned about the volume of paper records held by the agency — including mortgage binders with personal and financial information.
The December memorandum indicated that a formal report was forthcoming but that in the course of the assessment, OIG personnel “encountered specific records management and privacy issues that pose a serious threat to sensitive information that we believed important to raise now rather than wait for the conclusion of our broader evaluation.”
The OIG probe also found that HUD lacks an complete records inventory and that eight of 25 offices surveyed had an inventory of electronic records with personally identifiable information. What’s more, HUD systems don’t allow for any kind of enterprisewide search to locate sensitive information. The agency also is lagging behind in governmentwide efforts to convert from paper to electronic records and in implementing a data classification process to identify and tag controlled unclassified information.
“As a federal agency housing such an extensive amount of sensitive data, HUD must prioritize its capability to properly identify and protect this information,” the OIG alert states. “Failure to do so places both the agency and private citizens at risk.”
The alert comes as some in Congress are concerned that HUD is leveraging facial recognition software to provide security in facilities subsidized by the agency. A group of Democratic lawmakers from the House and Senate asked HUD Secretary Ben Carson in a Dec. 18 letter about the use of such technology in federal subsidized housing, including rules about biometric data collection and retention.”